(6) SC. Qualys Security Conference Dubai 


Real-Time Vulnerability 
Management 


Operationalizing the VM process from detection to 
remediation 


Jimmy Graham 
Senior Director, Product Management, Qualys, Inc. 


Адепаа 


Expanding Vulnerability 
Management 


Vulnerability Management 
Platform Evolution 


Introducing Qualys Patch 
Management 


Vulnerability Management Lifecycle 


Asset Vulnerability 
Inventory “Pore — Management 
P 
$ 
"d "s Threat Risk and 
Patch Prioritization 
Management 


© Qualys 


Expanding Vulnerability Management 


Private Cloud 


Containers EO 


loT Devices Sex Ё be ICS / SCADA 
ы тт E. & 
" e e ° 
Mobile Devices И 24.2. © 21. E Worketallonë 


e 
Public Cloud йы» Оп Premise 


© Qualys 


Case Study: Large Bank 


Challeng 

е 
Difficult to prioritize vulnerabilities 
across 100,000 endpoints 


Manual correlation of external 
threat data 


No active alerting on high-threat 
vulnerabilities 


Low visibility into workstations 


Solution 


Threat Protection RTIs automates 
prioritization 


Threat Protection Live Feed provides 
one-click access to impacted assets 


Continuous Monitoring combined 
with RTIs 


Qualys Cloud Agent for continuous 
and complete visibility 
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Vulnerability Management 


Platform Evolution 
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Dynamic VM Dashboard 
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VULNERABILITIES BY SEVERITY VULNERABILITIES BY TYPE 
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Opening Up the VM Detections Platform 


Custom Remote Detections 


{} IPcam QRDlI.json € 
T 
Qualys Remote Detection Interface "detection type": "http dialog", "api version": 1, "trigger type": ' 


(QRDI) — 


'/cgi-bin/CGIProxy.fcgi?usr-visitor&pwd-testingq 
or": "stop" 


Create your own or share on Qualys 
Community D р, "process", 


"; "regexp", 
h": "<firmwareVer>(.*)</firmwareVer>", 
act": [{"var": "wholeMatch"), {"var": "firmwareVersion' 


Supports HTTP(S) and raw TCP 


"transaction": "report", "result": {"concat": ["Foscam Fir 


Regex grouping and capturing 


LUA scripting for advanced logic 
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Current Patch 
Management Tools 
Challenges and Impact 


Introducing 


Qualys Patch 
Management 
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Automated correlation of 
vulnerability and patch data 
— Which patch fixes the CVE? 


Simple ааѕћбоагаіпд for 
tracking missing patches 


Patch using the Qualys 
Cloud Agent, anywhere 


Patch OS and third-party 
applications 


Single solution for Windows, 
macOS, and Linux 


Shift From 
Reaction Mode 
to Operational 
Security 


Always up-to-date on 
missing patches 


Security and IT teams can "speak 
the same language” 


Collaboration — key to successful 
digital transformation 


Unify discovery, prioritization, and 
remediation into one platform 


Rapid remediation of high-profile 


vulnerabilities in days vs. weeks 


Regularly scheduled deployments 
are repeatable and reported on 
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Platform Support 


ХР SP3+ 


Vista 
Windows 7 
Windows 8/8.1 


Windows 10 
Server 2003 SP2+ 
Server 2008/R2 
Server 2012/R2 
Server 2016 
Server 2019 
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OS X 10.10 
Yosemite 


OS X 10.11 
El Capitan 


macOS 10.12 
Sierra 


macOS 10.13 
High Sierra 


macOS 10.14 
Mojave 
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RHEL 6,7 
CentOS 5.4+,6,7 


SUSE Linux Enterprise 
Server/ Desktop 
11,12,15 


Oracle Ent Linux 
6,7 (Server) 


Ubuntu 
14.x,15.x,16.x,18.x 
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Patch Management Roadmap 


Patch Management Patch Management Patch Management 
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March 2019 Мау 2019 


Мас patching 


Windows patching (desktops On-prem Caching of patches | Linux patching w/ 
and servers) (САС) . . . 
Repository integration 
Qualys serves patches Direct download from vendors Role-based access control 


for off-prem Automation Rules & Approval 


Third party Windows workflows 
applications Tag-based user scoping 
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Qualys Unified Dashboard 


Preview 
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Dashboards Qualys Demo (quays_qd) 
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Unified Dashboard Rollout 


Phase 1 - Q3 2019 Phase 2 - Q1 2020 
Unified Dashboard App Unified widget builder 
| Upgrade existing Cloud App 
Global dashboard filters Dashboards 
Support for: Support for: 


0600 200 
0000 oo 


© Qualys. 


(6) SC. Qualys Security Conference Dubai 


Thank You 


Jimmy Graham 
jgraham@qualys.com 


